<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>整体安全态势评级与核心风险</title>
    <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
    <style>
        :root {
            --primary: #2E95F8;
            --danger: #FF4D4F;
            --warning: #FAAD14;
        }

        * {
            padding: 0;
            margin: 0;
            box-sizing: border-box;
            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;
        }

        body {
            background: #060606;
            color: #E9EAEC;
            line-height: 1.6;
        }

        .row {
            display: flex;
            gap: 24px;
            margin-bottom: 24px;
            flex-wrap: wrap;
        }

        .col {
            flex: 1;
            min-width: 300px;
        }

        .page {
            max-width: 1400px;
            margin: 24px auto;
            padding: 0 16px;
        }

        .header {
            margin-bottom: 24px;
            padding: 24px;
            background-color: #09162F;
            border-radius: 4px;
            border-left: 4px solid var(--danger);
        }

        .header h1 {
            color: #129BFF;
            margin-bottom: 12px;
        }

        .header p {
            color: #A8B5CC;
        }

        .card {
            border-radius: 4px;
            padding: 24px;
            border: 1px solid #1B64AA;
            background: rgba(8, 26, 48, 0.8);
            height: 100%;
        }

        .card-title {
            margin-bottom: 16px;
            font-size: 18px;
            color: #2E95F8;
            font-weight: 600;
        }

        .overview {
            display: flex;
            gap: 24px;
            flex-wrap: wrap;
        }

        .overview-item {
            flex: 1;
            min-width: 120px;
        }

        .overview-item .label {
            color: #A8B5CC;
            font-size: 14px;
            margin-bottom: 8px;
        }

        .overview-item .value {
            font-size: 24px;
            font-weight: 600;
            color: #E9EAEC;
        }

        table {
            width: 100%;
            border-collapse: collapse;
            margin: 16px 0;
        }

        th,
        td {
            padding: 12px 16px;
            text-align: left;
            border-bottom: 1px solid rgba(27, 100, 170, 0.5);
        }

        th {
            background-color: rgba(9, 22, 47, 0.8);
            color: #2E95F8;
            font-weight: 500;
        }

        tr:hover {
            background-color: rgba(27, 100, 170, 0.1);
        }

        .high-risk {
            color: var(--danger);
            font-weight: 600;
        }

        .chart-container {
            position: relative;
            height: 300px;
            width: 100%;
        }

        ol,
        ul {
            padding-left: 24px;
            margin: 12px 0;
        }

        li {
            margin-bottom: 8px;
        }

        .analysis {
            background: rgba(9, 22, 47, 0.5);
            padding: 16px;
            border-radius: 4px;
            margin-top: 16px;
        }

        .analysis-title {
            color: var(--warning);
            margin-bottom: 8px;
            font-weight: 600;
        }

        @media (max-width: 768px) {
            .row {
                flex-direction: column;
                gap: 16px;
            }

            .col {
                min-width: 100%;
            }

            .header {
                padding: 16px;
            }

            th,
            td {
                padding: 8px 12px;
                font-size: 14px;
            }
        }
    </style>
</head>

<body>
    <div class="page">
        <!-- 头部 -->
        <div class="header">
            <h1>整体安全态势评级与核心风险</h1>
            <div>
                <p><strong>整体安全态势评级</strong>：<span class="high-risk">高风险</span>（基于未来三天风险命中次数增长率达63.83%及权限提升攻击占比72.5%）
                </p>
                <p><strong>核心风险</strong>：</p>
                <ol>
                    <li>CentOS 8.2.2004系统（资产ID: lin:13f577...）的权限提升攻击集中爆发（1714次）</li>
                    <li>Windows 10主机（DESKTOP-VJ1VQ8T）的基线告警异常（156次）</li>
                    <li>未来三天风险命中次数呈指数级增长（5月14日至16日增长77.8%）</li>
                </ol>
                <p><strong>趋势演进</strong>：</p>
                <ul>
                    <li><strong>短期趋势</strong>：2025-05-16风险命中次数（4294次）较2025-05-14（2432次）增长77.8%，攻击强度持续增强</li>
                    <li><strong>攻击类型演变</strong>：权限提升攻击（T1548）在2025-05-14至2025-05-16期间占比从72.5%（状态报告）增至89.3%（趋势报告），攻击模式高度集中
                    </li>
                </ul>
            </div>
        </div>

        <div class="main">
            <!-- 安全概览 -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">安全概览</h2>
                        <div class="overview">
                            <div class="overview-item">
                                <div class="label">总告警数量</div>
                                <div class="value">4,455</div>
                            </div>
                            <div class="overview-item">
                                <div class="label">高威胁攻击</div>
                                <div class="value">1,582</div>
                            </div>
                            <div class="overview-item">
                                <div class="label">基线告警</div>
                                <div class="value">156</div>
                            </div>
                            <div class="overview-item">
                                <div class="label">增长率</div>
                                <div class="value high-risk">63.83%</div>
                            </div>
                        </div>
                    </div>
                </div>
            </div>

            <!-- 三列布局 -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">攻击趋势预测</h2>
                        <div class="chart-container">
                            <canvas id="trendChart"></canvas>
                        </div>
                    </div>
                </div>
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">资产风险分布</h2>
                        <div style="overflow-x: auto;">
                            <table>
                                <thead>
                                    <tr>
                                        <th>主机名称</th>
                                        <th>IP地址</th>
                                        <th>告警数量</th>
                                        <th>高威胁攻击</th>
                                    </tr>
                                </thead>
                                <tbody>
                                    <tr>
                                        <td>k8s-master1</td>
                                        <td>10.254.178.168</td>
                                        <td>4,455</td>
                                        <td class="high-risk">1,582</td>
                                    </tr>
                                    <tr>
                                        <td>DESKTOP-VJ1VQ8T</td>
                                        <td>10.250.20.211</td>
                                        <td>156</td>
                                        <td>0</td>
                                    </tr>
                                    <tr>
                                        <td>2-12.novalocal</td>
                                        <td>10.254.177.177</td>
                                        <td>398</td>
                                        <td>0</td>
                                    </tr>
                                </tbody>
                            </table>
                        </div>
                        <div class="analysis">
                            <div class="analysis-title">分析思路</div>
                            <ol>
                                <li><strong>风险集中性</strong>：k8s-master1的告警数量占TOP5主机总告警量的90.7%，且其高威胁攻击次数占权限提升攻击总量的93.7%
                                </li>
                                <li><strong>基线异常</strong>：DESKTOP-VJ1VQ8T的基线告警数量占TOP5基线告警总量的100%</li>
                            </ol>
                        </div>
                    </div>
                </div>
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">攻击类型分析</h2>
                        <div style="overflow-x: auto;">
                            <table>
                                <thead>
                                    <tr>
                                        <th>攻击类型</th>
                                        <th>命中次数</th>
                                        <th>高威胁占比</th>
                                    </tr>
                                </thead>
                                <tbody>
                                    <tr>
                                        <td>权限提升（T1548）</td>
                                        <td>1,714</td>
                                        <td class="high-risk">100%</td>
                                    </tr>
                                    <tr>
                                        <td>Linux定时任务攻击</td>
                                        <td>256</td>
                                        <td>0%</td>
                                    </tr>
                                    <tr>
                                        <td>脚本执行可疑行为</td>
                                        <td>164</td>
                                        <td>0%</td>
                                    </tr>
                                </tbody>
                            </table>
                        </div>
                        <div class="analysis">
                            <div class="analysis-title">分析思路</div>
                            <ul>
                                <li><strong>威胁等级一致性</strong>：权限提升攻击（T1548）的威胁等级均为"高"，但其风险等级未定义</li>
                                <li><strong>攻击模式差异</strong>：Linux定时任务攻击（256次）与脚本执行可疑行为（164次）未触发高威胁等级</li>
                            </ul>
                        </div>
                    </div>
                </div>
            </div>

            <!-- 两列布局 -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">风险增长预测</h2>
                        <div style="overflow-x: auto;">
                            <table>
                                <thead>
                                    <tr>
                                        <th>日期</th>
                                        <th>风险命中次数</th>
                                        <th>日环比增长率</th>
                                    </tr>
                                </thead>
                                <tbody>
                                    <tr>
                                        <td>2025-05-14</td>
                                        <td>2,432</td>
                                        <td>-</td>
                                    </tr>
                                    <tr>
                                        <td>2025-05-15</td>
                                        <td>2,621</td>
                                        <td>7.77%</td>
                                    </tr>
                                    <tr>
                                        <td>2025-05-16</td>
                                        <td class="high-risk">4,294</td>
                                        <td class="high-risk">63.83%</td>
                                    </tr>
                                    <tr>
                                        <td>2025-05-17</td>
                                        <td>7,033</td>
                                        <td>63.83%</td>
                                    </tr>
                                </tbody>
                            </table>
                        </div>
                        <div class="analysis">
                            <div class="analysis-title">分析思路</div>
                            <ul>
                                <li><strong>增长模式验证</strong>：2025-05-16的63.83%增长率与2025-05-15的7.77%增长率差异显著</li>
                                <li><strong>风险阈值预警</strong>：若2025-05-19风险命中次数达18,890次，建议触发系统级告警</li>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">攻击时间线</h2>
                        <div style="overflow-x: auto;">
                            <table>
                                <thead>
                                    <tr>
                                        <th>日期</th>
                                        <th>命中次数</th>
                                        <th>环比增长率</th>
                                    </tr>
                                </thead>
                                <tbody>
                                    <tr>
                                        <td>2025-05-10</td>
                                        <td>44</td>
                                        <td>-</td>
                                    </tr>
                                    <tr>
                                        <td>2025-05-11</td>
                                        <td>64</td>
                                        <td>45.45%</td>
                                    </tr>
                                    <tr>
                                        <td>2025-05-13</td>
                                        <td>605</td>
                                        <td class="high-risk">764.29%</td>
                                    </tr>
                                    <tr>
                                        <td>2025-05-14</td>
                                        <td>1,086</td>
                                        <td>79.43%</td>
                                    </tr>
                                </tbody>
                            </table>
                        </div>
                        <div class="analysis">
                            <div class="analysis-title">分析思路</div>
                            <ul>
                                <li><strong>攻击强度拐点</strong>：2025-05-13至2025-05-14的79.43%增长率与k8s-master1的权限提升攻击直接相关</li>
                                <li><strong>防御策略评估</strong>：2025-05-15至2025-05-16的63.83%增长率低于前期的141.35%</li>
                            </ul>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </div>

    <script>
        // 趋势预测图表
        const trendCtx = document.getElementById('trendChart').getContext('2d');
        const trendChart = new Chart(trendCtx, {
            type: 'line',
            data: {
                labels: ['5月10日', '5月11日', '5月12日', '5月13日', '5月14日', '5月15日(预测)', '5月16日(预测)'],
                datasets: [{
                    label: '实际攻击量',
                    data: [44, 64, 70, 605, 1086, null, null],
                    borderColor: 'rgba(255, 77, 79, 1)',
                    backgroundColor: 'rgba(255, 77, 79, 0.1)',
                    borderWidth: 2,
                    fill: true,
                    tension: 0.4
                }, {
                    label: '预测攻击量',
                    data: [null, null, null, null, 1086, 2621, 4294],
                    borderColor: 'rgba(250, 173, 20, 1)',
                    backgroundColor: 'rgba(250, 173, 20, 0.1)',
                    borderWidth: 2,
                    borderDash: [5, 5],
                    fill: false,
                    tension: 0.4
                }]
            },
            options: {
                responsive: true,
                maintainAspectRatio: false,
                plugins: {
                    legend: {
                        labels: {
                            color: '#E9EAEC'
                        }
                    },
                    tooltip: {
                        callbacks: {
                            label: function (context) {
                                return `${context.dataset.label}: ${context.raw || '无数据'}`;
                            }
                        }
                    }
                },
                scales: {
                    y: {
                        beginAtZero: true,
                        ticks: {
                            color: '#A8B5CC'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.2)'
                        }
                    },
                    x: {
                        ticks: {
                            color: '#A8B5CC'
                        },
                        grid: {
                            display: false
                        }
                    }
                }
            }
        });
    </script>
</body>

</html>